<?php
require_once("./session.php");
require_once("../include/global.php");

/*foreach ($_POST as $var => $value)
{
    print "$var : $value<br>";
}
die();*/

$log_ID        = intval($_POST['log_ID']); 
$title         = htmlspecialchars(my_addslashes($_POST['title']));
$cate_ID       = intval($_POST['category']);
$author        = strip_tags(my_addslashes($_POST['author']) ? $_POST['author'] : "Anonymous") ;
$IsCommentable = intval($_POST['IsCommentable']);
$IsTop         = intval($_POST['IsTop']);
$IsShow        = intval($_POST['IsShow']);
$from          = htmlspecialchars(my_addslashes($_POST['from']));
$fromurl       = htmlspecialchars(my_addslashes($_POST['fromurl']));
$posttime      = strtotime($_POST['posttime'])?strtotime($_POST['posttime']):time();
$tags          = htmlspecialchars(my_addslashes($_POST['tags']));
$content       = my_addslashes($_POST['FCKeditor']);
$intro         = my_addslashes($_POST['Intro']);
$commNums      = intval($_POST['commNums']);
$viewNums      = intval($_POST['viewNums']);

$sql = "SELECT cate_ID from blog_category where cate_ID = $cate_ID ";
$result  = mysql_query($sql) or die(mysql_error());

if(!mysql_num_rows($result))
{  
	      echo "<script>alert('该栏目不存在');</script>";
		  return;
}

if($_GET['action'] == 'add' )
{
     $sql = "INSERT INTO blog_article(log_ID,log_CateID,log_Title,log_Intro,log_Author,log_Tags,log_From,log_FromUrl,log_Content, log_PostTime,log_CommNums,log_ViewNums,log_IsShow,log_IsTop,log_IsCommentable) VALUES ( '0', '$cate_ID', '$title', '$intro', '$author', '$tags', '$from', '$fromurl', '$content', '$posttime', '$commNums', '$viewNums', '$IsShow', '$IsTop', '$IsCommentable' );" ; 
}else if($_GET['action'] == 'modify' ){
     $sql = "UPDATE blog_article SET 
log_CateID = $cate_ID,
log_Title = '$title',
log_Intro = '$intro',
log_Author = '$author',
log_Tags = '$tags',
log_From = '$from',
log_FromUrl = '$fromurl',
log_Content = '$content',
log_PostTime = '$posttime',
log_CommNums = '$commNums',
log_ViewNums = '$viewNums',
log_IsShow   = '$IsShow',
log_IsTop    = '$IsTop',
log_IsCommentable = '$IsCommentable' WHERE log_ID = '$log_ID' LIMIT 1 ;";
}


mysql_query($sql) or die (mysql_error());

echo "<script>alert('Log Posted Successfully.');history.back(-1);</script>";
?>
